package com.f5.management.config;

import com.f5.management.entity.AdminUser;
import com.f5.management.entity.Permission;
import com.f5.management.entity.Role;
import com.f5.management.service.PermissionService;
import com.f5.management.service.impl.AdminUserServiceImpl;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.security.Permissions;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * @ClassName RealmConfigBean
 * @Description Realm设置
 * @Author 吴
 * @Date 2021/4/2 10:04
 * @Version 1.0
 **/
public class RealmConfigBean extends AuthorizingRealm {

    //注入service层对象
    @Autowired
    AdminUserServiceImpl adminUserService;

    @Autowired
    PermissionService permissionService;


    //添加set方法注入Bean对象
    public void setAdminUserService(AdminUserServiceImpl adminUserService){
        this.adminUserService = adminUserService;
    }

    //添加set方法注入Bean对象
    public void setpermissionService(PermissionService permissionService){
        this.permissionService = permissionService;
    }

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection token) {

        Object Principal = token.getPrimaryPrincipal();
        //查询用户的模块
        AdminUser user = adminUserService.getAdminUser((String) Principal);

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        //添加角色
        authorizationInfo.addRole(user.getRole().getRoleName());

        //获取账号的权限
        List<Permission> userPermissions = permissionService.getPermissionsByAccount(user.getAccount());
        //授权器认证的集合
        Collection<String> permissions = new ArrayList<>();

        //遍历账号的权限
        for (int i=0;i<userPermissions.size();i++){
            permissions.add( userPermissions.get(i).getPermissionName());
        }




        authorizationInfo.addStringPermissions(permissions);

        return authorizationInfo;





    }


    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        //得到输入的信息
        Object principal = token.getPrincipal();


        AdminUser adminUser;

        /*
           账号返回null,认证的凭证会报UnknownAccountException 异常，controller则根据异常返回信息
         */

        //查询账号
        if (principal.equals(null)){
            //传输的账号是null,则返回null
            return null;
        }else {
            adminUser = adminUserService.getAdminUser((String) principal);
                //当输入账户和数据库账户账户不对，或者账户的状态不对，返回null
            if (!principal.equals(adminUser.getAccount()) || adminUser.getUserState() == 2 ){
                return null;
            }
        }

        AuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(principal, adminUser.getPassword(), this.getName());

        return authenticationInfo;
    }
}
